rpm package
suse/kernel-livepatch-SLE15-SP6-RT_Update_1&distro=SUSE Linux Enterprise Live Patching 15 SP6
pkg:rpm/suse/kernel-livepatch-SLE15-SP6-RT_Update_1&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP6
Vulnerabilities (834)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-52692 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config() scarlett2_usb_set_config() calls scarlett2_usb_get() but was not checking the result. Return the error if it fails rather than continuing w | ||
| CVE-2023-52691 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix a double-free in si_dpm_init When the allocation of adev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails, amdgpu_free_extended_power_table is called to free some fields of adev. Howev | ||
| CVE-2023-52690 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check to scom_debug_init_one() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Add a null pointer check, and release 'ent' to av | ||
| CVE-2023-52687 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Add error handling for dma_map_sg() calls Macro dma_map_sg() may return 0 on error. This patch enables checks in case of the macro failure and ensures unmapping of previously mapped buffers w | ||
| CVE-2023-52686 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. | ||
| CVE-2023-52683 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32 multiplication overflow In lpit_update_residency() there is a possibility of overflow in multiplication, if tsc_khz is large enough (> UINT_MAX/1000). Change multiplication to mul_u32_u32 | ||
| CVE-2023-52681 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: efivarfs: Free s_fs_info on unmount Now that we allocate a s_fs_info struct on fs context creation, we should ensure that we free it again when the superblock goes away. | ||
| CVE-2023-52680 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error checks to *_ctl_get() The *_ctl_get() functions which call scarlett2_update_*() were not checking the return value. Fix to check the return value and pass to the caller. | ||
| CVE-2023-52679 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: of: Fix double free in of_parse_phandle_with_args_map In of_parse_phandle_with_args_map() the inner loop that iterates through the map entries calls of_node_put(new) to free the reference acquired by the previo | ||
| CVE-2023-52678 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c Before using list_first_entry, make sure to check that list is not empty, if list is empty return -ENODATA. Fixes the b | ||
| CVE-2023-52676 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: bpf: Guard stack limits against 32bit overflow This patch promotes the arithmetic around checking stack bounds to be done in the 64-bit domain, instead of the current 32bit. The arithmetic implies adding togeth | ||
| CVE-2023-52675 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. | ||
| CVE-2023-52674 | — | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() Ensure the value passed to scarlett2_mixer_ctl_put() is between 0 and SCARLETT2_MIXER_MAX_VALUE so we don't attempt to access outside scarlett2_mixer_va | ||
| CVE-2024-35828 | Med | 5.5 | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() In the for statement of lbs_allocate_cmd_buffer(), if the allocation of cmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to be | |
| CVE-2024-35823 | Med | 5.3 | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 ("vt: fix memory overlapping when deleting chars in the buffer"). | |
| CVE-2024-35815 | Med | 5.5 | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion The first kiocb_set_cancel_fn() argument may point at a struct kiocb that is not embedded inside struct aio_kiocb. With the current code, dependi | |
| CVE-2024-35813 | Med | 5.5 | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") assigns prev_idata = idatas[i - 1], but doesn't check that the iterator i is greater than zero | |
| CVE-2024-35811 | Med | 5.5 | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In brcm80211 driver,it starts with the following | |
| CVE-2024-35807 | Med | 5.5 | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize We observed a corruption during on-line resize of a file system that is larger than 16 TiB with 4k block size. With having more then 2^32 blocks resize_inode is turned | |
| CVE-2024-35805 | Med | 5.5 | < 1-150600.1.5.1 | 1-150600.1.5.1 | May 17, 2024 | In the Linux kernel, the following vulnerability has been resolved: dm snapshot: fix lockup in dm_exception_table_exit There was reported lockup when we exit a snapshot with many exceptions. Fix this by adding "cond_resched" to the loop that frees the exceptions. |
- CVE-2023-52692May 17, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config() scarlett2_usb_set_config() calls scarlett2_usb_get() but was not checking the result. Return the error if it fails rather than continuing w
- CVE-2023-52691May 17, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix a double-free in si_dpm_init When the allocation of adev->pm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails, amdgpu_free_extended_power_table is called to free some fields of adev. Howev
- CVE-2023-52690May 17, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check to scom_debug_init_one() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. Add a null pointer check, and release 'ent' to av
- CVE-2023-52687May 17, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: crypto: safexcel - Add error handling for dma_map_sg() calls Macro dma_map_sg() may return 0 on error. This patch enables checks in case of the macro failure and ensures unmapping of previously mapped buffers w
- CVE-2023-52686May 17, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check in opal_event_init() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.
- CVE-2023-52683May 17, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: ACPI: LPIT: Avoid u32 multiplication overflow In lpit_update_residency() there is a possibility of overflow in multiplication, if tsc_khz is large enough (> UINT_MAX/1000). Change multiplication to mul_u32_u32
- CVE-2023-52681May 17, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: efivarfs: Free s_fs_info on unmount Now that we allocate a s_fs_info struct on fs context creation, we should ensure that we free it again when the superblock goes away.
- CVE-2023-52680May 17, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add missing error checks to *_ctl_get() The *_ctl_get() functions which call scarlett2_update_*() were not checking the return value. Fix to check the return value and pass to the caller.
- CVE-2023-52679May 17, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: of: Fix double free in of_parse_phandle_with_args_map In of_parse_phandle_with_args_map() the inner loop that iterates through the map entries calls of_node_put(new) to free the reference acquired by the previo
- CVE-2023-52678May 17, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c Before using list_first_entry, make sure to check that list is not empty, if list is empty return -ENODATA. Fixes the b
- CVE-2023-52676May 17, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: bpf: Guard stack limits against 32bit overflow This patch promotes the arithmetic around checking stack bounds to be done in the 64-bit domain, instead of the current 32bit. The arithmetic implies adding togeth
- CVE-2023-52675May 17, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure.
- CVE-2023-52674May 17, 2024affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() Ensure the value passed to scarlett2_mixer_ctl_put() is between 0 and SCARLETT2_MIXER_MAX_VALUE so we don't attempt to access outside scarlett2_mixer_va
- affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() In the for statement of lbs_allocate_cmd_buffer(), if the allocation of cmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to be
- affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 ("vt: fix memory overlapping when deleting chars in the buffer").
- affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion The first kiocb_set_cancel_fn() argument may point at a struct kiocb that is not embedded inside struct aio_kiocb. With the current code, dependi
- affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") assigns prev_idata = idatas[i - 1], but doesn't check that the iterator i is greater than zero
- affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach This is the candidate patch of CVE-2023-47233 : https://nvd.nist.gov/vuln/detail/CVE-2023-47233 In brcm80211 driver,it starts with the following
- affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: ext4: fix corruption during on-line resize We observed a corruption during on-line resize of a file system that is larger than 16 TiB with 4k block size. With having more then 2^32 blocks resize_inode is turned
- affected < 1-150600.1.5.1fixed 1-150600.1.5.1
In the Linux kernel, the following vulnerability has been resolved: dm snapshot: fix lockup in dm_exception_table_exit There was reported lockup when we exit a snapshot with many exceptions. Fix this by adding "cond_resched" to the loop that frees the exceptions.
Page 28 of 42